FINANCIAL INSTITUTIONS NEED TO PREPARE FOR WEARABLES WAVE
By Ennio Carboni, executive vice president, customer solutions, Ipswitch
The wearable revolution has begun, with the likes of smart glasses and watches, and it will dramatically impact the financial sector, which needs to be prepared for the onslaught.
The financial industry is obviously one of the most highly regulated. Many financial institutions are still getting their heads around the internal processes and services that have mushroomed as a result of smartphone and tablet use. However, wearables are gathering momentum and will play a key role in the banking sector so it is a case of prepare now as opposed to when the horse has bolted!
Market research company Research and Markets, predicts that worldwide spending on wearable technology will reach $19 billion by 2018. It forecasts that by 2020, over 150 million wearable devices will have been shipped across the globe.
Consumers will undoubtedly use wearable devices for banking transactions so we may well see key data systems and electronic signatures built into wearables in the future. Wearables will also have a big impact on the internal infrastructure of the financial sector.
Bring Your Own Device (BYOD) has been seen by many financial institutions as a way of reducing costs. However, institutions have had to plan implementations carefully as security is a central concern, both in terms of employee trust and legal liability.
BYOD put new policies in place for employee-owned devices versus company owned devices in regards to privacy and security. Wearables will do the same and financial institutions need to be prepared for the next frontier.
Financial institutions risk losing control of their networks and leave themselves wide open to security breaches if they don’t act now. As wearables become more prevalent, institutions need to make sure that their networks can function, and that they have the bandwidth for additional devices logging on. Remember wearables don’t replace smartphones and tablets; they are additional devices. If your network can’t cope it could have disastrous effects where mission critical applications are compromised.
Security, however, is the glaring issue. Smart watches contain cameras and smart glasses can record everything the user sees. In addition, they have plenty of storage and powerful operating systems. Suddenly transferring sensitive data outside the confines of a secure network becomes simple and can be completed in seconds.
If you haven’t considered a WYOD (Wear Your Own Device) policy, then you should start discussing it fast or you could find your sensitive data hung out to dry in the public domain.
Getting ready for WYOD
- Carry out a deep dive risk assessment to review the overall use of wearables and identify the potential risks that they may bring in the unauthorised disclosure of non-public or customer data.
- Set different security, privacy, log on and application distribution for personal wearables.
- Prepare for a dramatic increase of complex data through your network and ensure that it can cope. Clearly define who can bring wearables into the organisation and where and what parts of the network they can log on to.
- Get your legal department to look carefully at the legal implications of wearables and outline it clearly in your WYOD policy. Make sure your WYOD policy addresses emerging privacy laws.
- Have a secure plan in place for lost or stolen devices.
- IT staff need to be trained in the security issues surrounding different wearables and their operating systems. At the same time the IT department must make sure that the network supports the wearables that financial institutions take on board.
- Educate employees about wearables. Having a draconian approach will simply send devices underground and the IT department will inevitably lose control of what is attached to the network, when and where.
In the past, employees used company devices and the data was securely locked down. But the world is changing fast. The arrival of BYOD and wearables means that an organisation can no longer do this as a matter of course. Financial institutions will have to learn to integrate, regulate, secure and monitor employee devices to retain control and glean the benefits that wearables will bring in terms of improving productivity and reducing costs. This means carefully balancing employee satisfaction with industry regulation.